-20- 



WE CLAIM: 

L An electronic commerce system for procuring goods/services subject to a chain of 
custody when transferred from a supplier to a user, comprising: 

a user system for procuring the goods by the user comprising: 

5 means for electronically receiving and transmitting user private procurement 

transactions; and 

security means operable only by the user for authenticating electronically said 
53 user private procurement transactions comprising orders and confirmations of 

receipt in a non-repudiatable manner to the secure procurement processor; 

it) a supplier system for supplying the goods for procuring by the user comprising: 

v means for electronically receiving authenticated user private procurement 

transactions and transmitting supplier private procurement transactions 
£ ™ comprising notification of provision of goods/services; 

a secure procurement system comprising: 

15 user system communication means for transmitting and receiving the user private 

procurement transactions with the user system; 

supplier system communication means for transmitting and receiving the supplier 
private procurement transactions with the supplier system; 

security means for receiving authentication of said user private procurement 
20 transactions and for authenticating electronically said user private procurement 

transactions comprising orders and confirmations of receipt as the secure 
procurement system's transactions in a non-repudiatable manner; 
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a database server for storing said authenticated private procurement transactions 
and said notifications and for storing a product catalog representing said goods 
from the supplier available for procuring by a user; and 

a procurement transaction processor for processing said private procurement 
transactions transmitted and received between the user and the supplier; 

a certificate authority for facilitating the authentication electronically of said user private 
procurement transactions comprising orders and confirmations of receipt in a non-repudiatable 
manner; 

a network connection linking the user system, secure procurement system and certificate 
authority; and 

a supplier network connection linking the supplier system and secure procurement 

system; 

whereby the secure procurement system, in cooperation with the certificate authority, processes 
and stores said orders, notifications, and confirmations of receipt to provide a verifiable chain of 
custody for goods/service procured by the user. 

2. The system of claim 1 wherein the procurement transaction processor comprises: 

means for performing business rules analysis using the order, notification or confirmation 
of receipt; and 

means for alarming potential instances of diversion or loss of goods/services. 

3. The system of claim 2 wherein the means for performing business rules analysis 
and means for alarming are configured to: 

Upon receiving a notification of provision of goods/services at the secure procurement 
system: 



-22- 



Initiate a timer for a predetermined period of time within which to receive the 
confirmation of receipt corresponding to the notification; 

If the timer expires, alarm a potential instance of diversion or loss of 
goods/services and prevent further orders from the user. 

4. The system of claim 2 wherein the notification of provision includes a count of 
the quantity of the goods/services provided and the confirmation of receipt includes a count of 
the quantity of the goods/services received and wherein the means for performing business rules 
analysis and means for alarming are configured to: 

Upon receiving the confirmation of receipt at the secure procurement system: 

Compare the count from the confirmation of receipt to the count from the 
corresponding notification; 

If there is a discrepancy, alarm a potential instance of diversion or loss of 
goods/services. 

5. The system according to claim 1 wherein the user system security means includes 
a certificate from the certificate authority for authenticating user to the secure procurement 

system. 

6. The system according to claim 1 wherein the secure procurement system security 
means includes a certificate from the certificate authority for authenticating the secure 
procurement system to the user. 

7. The system according to claim 1 wherein the certificate authority comprises 
means for generating encryption/decryption key pairs unique to each user and the secure 
procurement system to enable encryption/decryption, integrity and authentication of transmitted 
user private procurement transactions between said user and secure procurement system. 
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8. The system of claim 1 wherein the supplier system includes means for processing 
user orders, 

9. The system of claim 8 where the supplier system includes means to interface to a 
legacy supplier order system. 

10. The system of claim 1 wherein the supplier system includes a database for storing 
the user's ship to address for provision of said goods/services to the user and wherein any user 
ship to address in the user order is ignored. 

11. A secure procurement system for procuring goods/services subject to a chain of 
custody when transferred from a supplier to a user, comprising: 

a supplier network connection for connecting the secure procurement system and a 
supplier system; 

a network connection for connecting the secure procurement system to a user system; 

a user system communication means for transmitting and receiving user private 
procurement transactions; 

a supplier system communication means for transmitting and receiving supplier private 
procurement transactions with the supplier system; 

security means for receiving authentication of said user private procurement transactions 
and for authenticating electronically said user private procurement transactions comprising 
orders and confirmations of receipt as the secure procurement system's transactions in a non- 
repudiatable manner; 

a database server for storing said authenticated private procurement transactions and said 
notifications and for storing a product catalog representing said goods from the supplier available 
for procuring by a user; and 
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a procurement transaction processor for processing said private procurement transactions 
transmitted and received between the user and the supplier; 

whereby the secure procurement system in cooperation with a certificate authority processes and 
stores said orders, notifications, and confirmations of receipt to provide a verifiable chain of 
custody for goods/service procured by the user. 

12. The system of claim 1 1 wherein the procurement transaction processor comprises; 

means for performing business rules analysis using the order, notification or confirmation 
of receipt; and 

means for alarming potential instances of diversion or loss of goods/services. 

13. The system of claim 12 wherein the means for performing business rules analysis 
and means for alarming are configured to: 

Upon receiving a notification of provision of goods/services at the secure procurement 

system: 

Initiate a timer for a predetermined period of time within which to receive the 
confirmation of receipt corresponding to the notification; 

If the timer expires, alarm a potential instance of diversion or loss of 
goods/services and prevent further orders from the user. 

14. The system of claim 12 wherein the notification of provision includes a count of 
the quantity of the goods/services provided and the confirmation of receipt includes a count of 
the quantity of the goods/services received and wherein the means for performing business rules 
analysis and means for alarming are configured to: 

Upon receiving the confirmation of receipt at the secure procurement system: 
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Compare the count from the confirmation of receipt to the count from the 
corresponding notification; 

If there is a discrepancy, alarm a potential instance of diversion or loss of 
goods/services. 

15. The system according to claim 11 wherein the user system security means 
includes a certificate from the certificate authority for authenticating user to the secure 
procurement system. 

16. The system according to claim 11 wherein the secure procurement system 
security means further comprises a certificate from the certificate authority for authenticating the 
secure procurement system to the user. 

17. The system according to claim 11 wherein the certificate authority comprises 
means for generating encryption/decryption key pairs unique to each user and the secure 
procurement system to enable encryption/decryption, integrity and authentication of transmitted 
secure user procurement transactions between said user and secure procurement system. 

18. The system of claim 1 wherein the goods are chosen from the group of narcotics, 
controlled drugs and controlled substances. 

19. The system of claim 1 1 wherein the goods are chosen from the group of narcotics, 
controlled drugs and controlled substances. 

20. The system of claim 1 wherein the network connection connects the user system 
and secure processor system over the Internet. 

21. The system of claim 1 1 wherein the network connection connects the user system 
and secure processor system over the Internet. 

22. A method of procuring goods/services subject to a chain of custody when 
transferred from a supplier to a user, comprising: 
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Connecting a user at a user system to a secure procurement system over a network and 
authenticating the user as an authorized user, the secure procurement system having a supplier 
catalog of said goods/services available for procuring; 

Transmitting from the user system and receiving at the secure procurement system a 
5 private order from the user for said goods/services and verifying the user's order in a non- 
repudiatable manner with a certificate authority; 

Storing the verified order in a procurement transaction database and transmitting from the 
secure procurement system and receiving at a supplier system the order over a supplier network; 

Providing the goods/services to the user and transmitting from the supplier system and 
Xlf receiving at the secure procurement system a secure notification of the provision; 

f: Storing the notification in the procurement transaction database and transmitting from the 

£ secure procurement system and receiving at the user system the notification; 

si Receiving the goods/service by the user; 

n Transmitting from the user system and receiving at the secure procurement system a 

g secure confirmation of receipt of the goods/services from the user and verifying the user's receipt 

M in a non-repudiatable manner; and 

Storing the verified secure receipt in a procurement transaction database and transmitting 
from the secure procurement system and receiving at a supplier system the receipt. 

23. The method of claim 22 further including the steps of: 

20 Performing business rules analysis by the secure procurement system using the order, 

notification or confirmation of receipt; and 

Alarming potential instances of diversion or loss of goods/services. 

24. The method of claim 23 wherein the step of performing business rules analysis 
comprises the steps of: 
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Upon receiving a notification of provision of goods/services at the secure procurement 

system: 

Initiating a timer for a predetermined period of time within which to receive the 
confirmation of receipt corresponding to the notification; 

5 If the timer expires, alarming a potential instance of diversion or loss and 

preventing further orders from the user. 

25. The method of claim 23 wherein the notification of provision includes a count of 
the quantity of the goods/services provided and the confirmation of receipt includes a count of 

? the quantity of the goods/services received and wherein the step of performing business rules 
lj> analysis comprises the steps of: 

=p Upon receiving the confirmation of receipt at the secure procurement system: 

Comparing the count from the confirmation of receipt to the count from the 
^ corresponding notification; 

If there is a discrepancy, alarming a potential instance of diversion or loss 
U> provision of goods/services. 

26. The method of claim 22 further including the steps of establishing the user as an 
authorized user to use the secure procurement system by verifying the user's rights to receive the 
goods in the supplier catalog with a body regulating those rights. 

27. The method of claim 22 wherein the network connecting the user system and 
20 secure procurement system is the Internet. 

28. The method of claim 22 wherein the supplier network connecting the secure 
procurement system and the supplier system is a virtual private network. 
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29. The method of claim 22 further including the step of formatting the secure order 
and secure confirmation of receipt into ANSI EDI format prior to transmitting to the supplier 
system. 

30. The method of claim 22 wherein the goods/service are provided to the user's 
address from a shipping address database at the supplier system without regard for any address 
information in the user order. 

31. The method of claim 22 further including the step of transmitting from the secure 
procurement system and receiving at the user system the notification of provision. 

32. A method for procuring goods/services subject to a chain of custody when 
transferred from a supplier to a user comprising the steps of: 

Connecting a secure procurement system to a user system over a network and 
authenticating a user at the user system as an authorized user, the secure procurement system 
having a supplier catalog of said goods/services available for procuring; 

Receiving at the secure procurement system a secure order from the user for said 
goods/services, the user's order verified in a non-repudiatable manner; 

Storing the verified secure order in a procurement transaction database and transmitting 
from the secure procurement system to a supplier system the order over a supplier network; 

Receiving at the secure procurement systems from the supplier system a private 
notification of the provision; 

Storing the notification in the procurement transaction database and transmitting from the 
secure procurement system to the user system the notification; 

Receiving at the secure procurement system from the user system a private confirmation 
of receipt of the goods/services from the user, the confirmation of receipt verified in a non- 
repudiatable manner; and 
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Storing the verified receipt in a procurement transaction database and transmitting from 
the secure procurement system to the supplier system the receipt. 

33. The method of claim 32 further including the step of: 

Performing business rules analysis by the secure procurement system of the transactions 
5 in the procurement transactions database; and 

Alarming potential instances of diversion or loss of goods/services. 

34. The method of claim 33 wherein the step of performing business rules analysis 
comprises the steps of: 

•S Upon receiving a notification of provision of goods/services at the secure procurement 

10 system: 

£ Initiating a timer for a predetermined period of time within which to receive the 

: ^ confirmation of receipt corresponding to the notification; 

If the timer expires, alarming a potential instance of diversion or loss and 
f£ preventing further orders from the user. 

jg 35^ The method of claim 33 wherein the notification of provision includes a count of 

the quantity of the goods/services provided and the confirmation of receipt includes a count of 
the quantity of the goods/services received and wherein the step of performing business rules 
analysis comprises the steps of: 

Upon receiving the confirmation of receipt at the secure procurement system: 

20 Comparing the count from the confirmation of receipt to the count from the 

corresponding notification; 



If there is a discrepancy, alarming a potential instance of diversion or loss 
provision of goods/services. 
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36. The method of claim 32 further including the steps of establishing the user as an 
authorized user to use the secure procurement system by verifying the user's rights to receive the 
goods in the supplier catalog with a body regulating those rights. 

37. The method of claim 32 wherein the network connecting the user system and 
secure procurement system is the Internet. 

38. The method of claim 32 wherein the supplier network connecting the secure 
procurement system and the supplier system is a virtual private network. 

39. The method of claim 32 further including the step of formatting the order and 
confirmation of receipt into ANSI EDI format prior to transmitting to the supplier system. 



